System and method for remote self-enrollment in biometric databases

ABSTRACT

A method and system is provided to provide enrollment of biometric data from individuals without the need for the enrollees to travel to a central location. The system and method provides for optionally detecting multiple types of biometric data, for example, fingerprints, facial scan, visual scan, iris scan, voice scan, or the like, to be captured at the point of enrollee use. During the biometric capture process, the biometric enrollment device monitors and establishes the identity of the enrollee and measures the quality of the biometric input as it occurs. If unacceptable quality is detected, then repeated biometric scans may be necessary, but is done at time of enrollment avoiding any need to send inaccurate information back to a service institution. When the enrollment process completes, the biometric data is encrypted, time stamped and either mailed back to the service institution or is transmitted back. The biometric device may remain with the user for subsequent use as an identification sensor which may authenticate a user with stored biometric information to authenticate a user&#39;s identity for a transaction or a request to access a service or equipment. The biometric enrollment device may also be embodied with another piece of equipment to authenticate use of that equipment.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention generally relates to the field of computer sensors and,more specifically, to a system and method of biometric enrollmentdevices and remote enrollment using the enrollment devices.

2. Background Description

Security concerns and verification of an individual's identity hasbecome a significant issue for many institutions, employers, and thelike. For example, a bank may wish to verify the identity of anindividual accessing an account or service. Often access to accounts,services, or facilities relies extensively on passwords or personalidentification numbers (PIN). However, biometric information has becomemore prevalent in replacing or supplementing identificationverification.

As a consequence of a more widespread use of biometrics, and asbiometric databases become accordingly larger, enrollment into thedatabases becomes an increasingly difficult problem. Enrollmenttypically has been a labor intensive and somewhat skilled operationoften limited by the availability of staff, time, and relativelycomplicated hardware.

Currently, institutions wishing to enroll large numbers of peoplegenerally require them to travel to a designated location (e.g.,Department of Motor Vehicles or bank branch) for enrollment usingapproved hardware and skilled operators. This is often inconvenient forthe enrollee and expensive in terms of time and costs. Some aspects ofusing these existing enrollment methods include, for example:

-   -   (i) Use of bulky hardware;    -   (ii) Requirement of skilled operators for performing the        enrollment; and    -   (iii) Necessity of the enrollee traveling to an enrollment site.

Some institutions such as banks have experimented with an “inklesspaper” enrollment mechanism, for example, a method of making permanentimages (e.g., fingerprints) on a recording surface having a thermosensitive color-developing layer or methods using multi-chemicalrecording surfaces. The special chemical paper (i.e., “ink-less paper”)is mailed to the customers/enrollees who mail back the fingerprints forsubsequent scanning. Similarly, some authorities (e.g., Immigration andNaturalization Service or UK Passport Agency) remotely enroll users in afacial image biometric database, requiring the users to send aphotograph. The photography, however, must match strict institutionalguidelines on size, head pose, illumination, paper type etc. which mayrequire the user/enrollee to travel to a designated place to have theimage taken.

Remote enrollment may also be carried out by telephone using speakeridentification systems (i.e., voice printing), though this necessarilyimplies that the speech may be corrupted by channel characteristics andnoise.

The invention provides an electronic device and method for remoteenrollment that has significant advantages over existing methods ofenrollment into biometric databases.

SUMMARY OF THE INVENTION

After considerable review of known art systems, the invention has beendeveloped to solve many problems which has been found with such systems.In particular, for example, the invention provides solutions to thefollowing problems:

-   -   (i) Fingerprint/face photograph data being captured in paper        form and then requiring scanning to be captured in digital        format;    -   (ii) The quality of the biometric (e.g., illumination/pose of        face or pressure of fingerprint) cannot be assessed at the time        of capture which then requires multiple operations to correct        the problem; and    -   (iii) Lack of security and trustworthiness in the channel may        cause low confidence or trust in the results.

In an aspect of the invention, a method of providing a service forcapturing biometric data is provided. The method comprises the steps ofacquiring biometric data from one or more biometric sensors,authenticating the enrollee associated with the biometric data andenrolling the authenticated enrollee associated with the biometric data.

In another aspect of the invention, a method includes the steps ofacquiring biometric data from one or more biometric sensors, enrollingan enrollee associated with the biometric data, wherein the biometricdata is verified for quality at the time of enrollment based on apre-determined threshold, and delivering the biometric data associatedwith the enrollee to a service provider.

In another aspect of the invention, a computer program product isprovided comprising a computer usable medium having readable programcode embodied in the medium. The computer program code includes at leastone component to acquire biometric data from one or more biometricsensors, enroll an enrollee associated with the biometric data, whereinthe biometric data is verified for quality at the time of enrollmentbased on a pre-determined threshold, and to deliver the biometric dataassociated with the enrollee to a service provider.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an embodiment of the invention;

FIG. 2 is a block diagram of an embodiment of the invention;

FIG. 3 is a block diagram of showing optional components of theinvention;

FIG. 4 is a block diagram of an embodiment of the invention includedwith other operational equipment; and

FIGS. 5A and 5B are flow charts showing steps of an embodiment for usingthe invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

The invention is directed, for example, to a system and method ofremotely enrolling enrollees into biometric databases. The system andmethod may provide a secure enrollment process without requiring anenrollee to travel to a designated location for enrollment. Thebiometric enrollment device may also be used to implement a biometricenrollment service that may, for example, obtain, validate and storebiometric information on behalf of clients or customers. In addition,the system and method of the invention may be used for securetransactions to validate transactions and user accessibility and abilityto transact, and the like

FIG. 1 is a block diagram of an embodiment of the invention, generallydenoted by reference numeral 100, and referred to as a biometricenrollment device. The biometric enrollment device 100, in embodiments,comprises one or more biometric sensors, 101, 102, and 103, such as, forexample, fingerprint scans, eye scans, voice printing, etc. The device100 includes a memory device 110 for recording biometric data sensed bythe biometric sensors 101, 102, and 103. The device 100 includes aprocessor 130 for controlling one or more system components and acommunications port 120 under control of the processor 130 and incommunication with the memory device 110. The communication ports 120may be used to communicate with institutional databases 195 andassociated computer systems or personal computers 197 for receiving theresults of a biometric session and for at least recording biometricinformation captured by the sensor.

The biometric sensors 101-103 may include appropriate components foracquisition of, for example, biometric data such as face image,fingerprint, signatures, skin reflectance, voice characteristics (e.g.,by using a microphone and support circuitry), iris characteristics(e.g., using an eye scanner), or the like. It should be understood thatthese examples are not limiting and it should be apparent that othertypes of sensors are possible. The one or more biometric sensors 101-103may include any combination of types of sensors. The memory device 110may be any suitable storage medium (e.g., protected RAM, FLASH memory,disk, DVD, CD-ROMs, or the like) for portable and protected storage ofthe biometric data.

The invention may also include a timer 135 for time-stamping biometricdata operations, a cryptographic key 140, and a encryption component 145associated with the processor (either internal or external) forencrypting and signing biometric data. An output device 160 (e.g.,display) for user feedback, an input device 170 (or input interface) forreceiving input from a user may also be provided. A power supply 133(e.g., a battery or AC supply) provides necessary power to the biometricenrolling device 100, as necessary.

The processor 130 may be any suitable microcomputer for controlling andcoordinating biometric acquisition and communication operations (e.g.,the biometric sensors 101-103, output device 160, input device 170,communication ports 120, etc.). The processor may be programmed with apreset sequence of acquisition tasks that controls the sequencing of thebiometric acquisition. The various components of the biometricenrollment device 100 typically comprise low-powered circuits that maybe powered on/off and powered by batteries for easy transport (e.g.,mailing of the biometric enrollment device). Alternatively, othersuitable power supplies may be used as appropriate.

FIG. 2 is a block diagram of an embodiment of the invention. Thisembodiment further includes a capture monitor 150, a biometric qualitymeasurement component 180, and a biometric matcher 190. The capturemonitor 150 measures and monitors the enrollment process to preventfraud. For example, the capture monitor 150 may include a pressuresensor to monitor acceptable fingerprint quality, a wide-angle camera tocapture a picture that verifies that the face and fingerprint beingcaptured simultaneously are from the same person, a conduction test toverify fingers are from the same hand, or a hand imaging device thatverifies that the correct finger is being presented for a scan.

Any logical correlation of input events may be monitored for accuratecompliance. The combination may be performed according to predeterminedverification standards or plan and typically performed under control ofthe processor 130. The plan or standards may include, for example,requiring that two fingers be presented simultaneously forfingerprinting, or a fingerprint and an eye scan done sequentially, or avoice scan and face scan performed simultaneously. The plan or standardsmay stipulate that essentially any combination of biometrics, and inwhat relationship to one another, is required to capture a biometric orset of biometrics. The plan or standard comprise at least in part anaccredited procedure that is expected to occur when used by an enrollee.

The biometric quality measurement component 180, associated with theprocessor 130, may measure the quality of any biometric input at thepoint of enrollment using, for example, fingerprint quality analysis,head pose measurement, finger live-ness testing (e.g., not aprosthetic), or similar techniques for assuring that the capturedmetrics are accurate, valid and of sufficient quality. Further, thestandards or plan may stipulate pre-determined thresholds that must beachieved when a biometric is measured. For example, a fingerprint musthave a certain number of determinable critical points, or a face scanmust include a certain number of discernable characteristics, or a voiceprint must have a certain minimum duration and include certainrecognizable words or phrases, or the voice print background noise mustnot exceed a certain level, or the like. The biometric qualitymeasurement component 180 is a significant advantage over traditionalenrollment methods that require the biometric data to be mailed beforequality is assessed. Determining quality of the measured biometrics atthe time of enrollment saves time and permits multiple attempts toassure acceptable quality in the biometric scans. Since quality ismeasurable at the time of a biometric scan, the enrollee may be informedimmediately of poor quality or unacceptable presentation of the measuredbody part. In this manner, time and costs are minimized.

The invention may also present information on the output device 160(e.g., an LCD or a loudspeaker) of the quality measurement relative to arequired threshold (e.g., a pre-determined threshold). In the case ofsome measures, the output device 160 may provide specific instructionsto the user (e.g., “press harder,” “turn to your left,” “speak louder,”“use your left hand index finger”, etc.). The invention mayautomatically acquire the biometric when the quality is improved andbecomes sufficient as determined in conjunction with one or both of thecapture monitor 150 and quality measurement component 180. Likewise,continued acquisition may be predicated on suitable ongoing qualityparameters.

The biometric matcher 190, also associated with the processor 130,compares the biometric data from a biometric scan with a stored record.The biometric matcher 190 may match data based on which type of metricis being processed. For example, a fingerprint scan is compared withpreviously stored fingerprint record, etc. The biometric matcher 190 mayadjust for variations in the data within prescribed tolerances so thatacceptable (typically minor) differences between two different scanepisodes may be appropriately processed correctly. For example, afingerprint previously stored may be compared with data from a currentfinger scan and a comparison may discover that an acceptable subset ofcritical points in both scans match. That is, a minimum predeterminednumber of critical points were matched from the two scans. Similarly,for other types of scans, a minimum pre-determined threshold ofacceptable data must match between a previously recorded record and acurrent scan, as appropriate for the type of biometric(s). Thesepredetermined threshold levels may be scaled in accordance with theimportance and significance of the security required for the biometricusage as an authentication tool. That is, the more serious theapplication of the biometrics for controlling authentication events mayrequire higher thresholds to be established.

The biometric enrollment device 100 stores a biometric record of thebiometric data in digital format that is not easily viewable and may beencoded. This formatting and encoding requires detailed and extensiveknowledge of the internal formatting in order to be successfullyattacked. This formatting and encoding may provide a moderate degree ofprotection in preventing the biometric data to be extracted or tamperedwith during mailing (e.g., when encryption of the biometric data is notemployed).

The biometric data may optionally be encrypted, and when employed,secures the biometric data. The encryption component 145 suppliesextensive protection against fraudulent access of the biometric data.Once the biometric data is acquired, the data may be encrypted and adigital signature may also be recorded as supplied with the device bythe biometric enrollment device and a cryptographic key. This encryptionkey that is used for signing may be securely erased (e.g., by writingrandom bit-patterns throughout the memory) once the keys are no longerneeded (e.g., after a successful enrollment). This also aids inpreventing the keys from fraudulent discovery. The biometric enrollmentdevice may also detect a tampering operation and also erase its key andany temporary biometric data.

The timer 135 provides a precise time stamp of when the biometricsession occurs and is recorded in the memory device 110. The presence ofencryption, user feature extraction, time-stamping, and digitalsignatures in the device provide substantial security protections makingpost-capture fraud essentially impossible. The encryption component 145may be carried out by hardware or software and may use one or morecryptographic keys 140.

FIG. 3 is a block diagram showing optional components of the invention.FIG. 3 is similar to FIG. 2, however, embodiments of the invention mayinclude one or more of the optional components (as shown by dotted boxesof the biometric enrollment device 100) in various combinations,depending on circumstances and packaging. FIG. 3 illustrates theoptional components which include optional components 102, 103, 135,140, 145, 150, 160, 170, 180, and 190. Further, the personal computer197 and institutional database 195 may also be optional aspects of theenvironment. Accordingly, in all combinations, at least a biometricsensor, a memory, as well as the processor should be provided. Thecommunication port may also be optional though, when institutionaldatabase and personal computer are not provided.

To protect the enrollment process further, checks may be established toensure that the enrolled biometric belongs to the intended enrollee. Inprevious remote enrollment practices, prior to the invention, a securemail channel was relied upon to and from the individual enrollee (orenrolling institution). While this is still important, it may be furtherstrengthened with this invention by additional mechanisms, as describedbelow.

In accordance with the invention, a user may use the input device 170(which may also be incorporated into a biometric sensor itself) todemonstrate to the biometric enrollment device 100 that the enrollee isthe intended enrollee. This may be performed by entering confidential orsecret information. Such secret information might be the digits of anaccount code, a PIN or characteristic gesture (previously sent to theenrollee user by a separate mechanism, and unlikely to be simultaneouslycompromised.)

In situations where the institution has already acquired a biometricrecord from the enrollee, this may be re-verified before acquiring a newbiometric record (or simultaneously captured and verified when thedevice is returned). This also enables the enrollee to update abiometric record when a biometric changes over time, or if differencesdo not prohibit recognition of the old biometric. For example, it may beuseful to re-enroll face characteristics every 5 years (or other timeperiod), perhaps simultaneous with applying for a new passport. At thetime of the incremental update of a biometric, different biometrics mayalso be acquired, e.g., acquiring an additional fingerprint or acquiringa face image from a customer whose signature is already on record.

The biometric enrollment device 100 may also be reusable, typically bybeing reset and sent to different customers. Alternatively, thebiometric enrollment device 100 might transfer the enrolled biometricdata back to the enrolling service institution through another mechanism(e.g., secured communication link or detachable memory component such asan encrypted disc) and remain in the possession of the user or user'semployer. The biometric enrollment device may be provided with aninterface (e.g., USB, Bluetooth, GSM, wi-fi (wireless fidelity), or802.11 type wireless) as part of the communications port 120 tocommunicate directly or indirectly (e.g., through a user's personalcomputer 197) back to an institution providing enrollment services forlong-term storage in an institution database 195. The biometric data mayalso be sent to and stored by an employer of the enrollee.Alternatively, the biometric enrollment device 100 may not communicateuntil the device is presented to a predetermined communications device(e.g. bank branch, an ATM or credit card POS machine).

FIG. 4 is a block diagram of an embodiment of the invention includedwith other operational equipment. The biometric enrollment device 100may be combined with other operational equipment that has someadditional functionality, such as a novelty (calculator), a credit cardreader, mail meter, communications equipment, or any other equipmentthat may require identification generally denoted by reference numeral199. These examples are exemplary and one should recognize that thebiometric device may be used with nearly any type of service, device orequipment. Further, the biometric enrollment device 100 may be externalto the device 199 and communicate with the device 199, perhaps remotelyover a communications link (e.g., the Internet).

In the embodiment of FIG. 4, the biometric enrollment device 100 may beused as a sensor for verification of one or more biometrics of apotential user of the equipment or device 199, with or without havingtransferred the data to a central database (e.g., institutional database195). If a user biometric is not verified, access to the equipment (orservice) or device 199 may be denied or an alarm initiated.

Using the Invention

FIGS. 5A and 5B are flow charts showing steps of an embodiment for usingthe invention, beginning at step 200. FIGS. 5A and 5B are representativeof the capture validation and transactional abilities of the invention.For example, portions of FIG. 5A shows the process steps of enteringbiometric information and portions of FIG. 5B shows process steps forvalidating the ability to access or participate in certain transactions.FIGS. 5A and 5B may equally represent high-level block diagrams ofcomponents of the invention implementing the steps thereof. The steps ofFIGS. 5A and 5B may be implemented on computer program code incombination with the appropriate hardware. This computer program codemay be stored on storage media such as a diskette, hard disk, CD-ROM,DVD-ROM or tape, as well as a memory storage device or collection ofmemory storage devices such as read-only memory (ROM) or random accessmemory (RAM).

Continuing with step 202, the service providing institution customizesthe biometric enrolling device for an enrollee. In embodiments, multipleenrollees may be customized on one biometric enrolling device. Thecustomization includes, for example, a user's name, password, publickey, PIN, an expected biometric, or one-off key for communication withthe service institution from the enrollee or the biometric enrollingdevice.

At step 203, the service providing institution sends the biometricenrolling device to the enrollee by mail or other secure deliverysystem. At step 205, the enrollee activates the biometric enrollingdevice, whereupon, optionally at step 210, the biometric enrollingdevice prompts the enrollee to authenticate himself. In response to step210, at step 215 (optional depending on step 210), the enrollee enters asecret code (e.g., secret data previously communicated with theenrollee), if prompted in step 210. At optional step 220, the biometricenrolling device may prompt the enrollee for a biometric, if a biometricis on record from a previous session, for authentication of theenrollee. At optional step 225 (depending on step 220), the enrolleepresents the expected biometric to the biometric enrolling device and,in response to step 225, at optional step 230 (depending on step 225),the biometric enrolling device compares the presented biometric with thepreviously stored biometric template.

In response to optional step 230, at step 233, a check is made whetherthe presented biometric matches the previously recorded biometrictemplate. If not, the process optionally repeats at step 220.Alternatively, a count is kept for the number of attempts to verify theuser and if the count exceeds a predetermined limit, the biometricenrolling device shuts down, optionally erasing all stored data andprograms. At step 235, since the password and/or biometric matches theenrollee is considered authenticated.

At step 240, the biometric enrolling device prompts the user for a newbiometric to be enrolled. At step 245, the enrollee presents the desiredbiometric. During steps 240 and 245 (optionally, in other steps aswell), an output device may be employed to convey the desired biometric.At optional step 250, the biometric enrolling device may monitor thepresentation to check the quality of the biometric. At optional step 255(depending on optional step 250), a check is made whether the qualitylevel of the biometric is sufficient, and if not, a new prompt may beissued at step 240. Otherwise, at optional step 260 (depending on step255), a check is made whether the presentation of the biometric isverifiable, i.e., the person presenting the biometric is authenticatedto the biometric enrolling device, and if not, the process may repeat(alternatively, it may terminate if a repeat limit is reached, notshown).

If the presentation is verifiable, at step 262, the biometric enrollingdevice acquires the currently presented biometric by recording thebiometric from the appropriate sensor. At optional step 265, thebiometric data is processed (e.g., cryptographically signed and/orformatted). At optional step 267, the biometric enrolling devicetimestamps and encrypts the biometric data. At step 270, the biometricdata is stored (for example, in FLASH memory, protected RAM, protecteddisc, or the like). At optional step 275, a check is made whether morebiometrics are required (e.g., more impressions of the same finger,different impressions of multiple fingers, acquiring a face image, voiceand finger simultaneously or sequentially, or other combinations, andthe like) and if so, the process continues with step 240. Otherwise, atoptional step 280, the biometric enrolling device may prompt for newinformation such as for example, new passwords, account preferences,etc. and at optional step 285 (depending on step 280) the information isstored. At step 290, a check is made whether more information isrequired and, if so, processing continues at step 280.

Referring now to FIG. 5B, at step 295, a decision is made whether thebiometric enrolling device is to be mailed back (or hand delivered) tothe enrolling service institution or not. This decision may also be madeby the sending institution prior to the biometric device is everdelivered. If so, at step 300, the biometric enrolling device is mailedto the service institution. At step 305, the service institution readsthe biometric information from the biometric enrolling device. At step310, the service institution decrypts, verifies protections, andcorrelates the biometric data including authenticating the enrollee withthe biometric data stored so that all data delivered is verified so thata determination is made that all returned data (including anyidentification information, such as, for example, passwords or secretdata) has been captured or received according to the expected accreditedprocedure loaded into the biometric enrolling device when the device wasinitially configured for use. At step 312, if the verification is valid,the institution stores the biometric information in a database for theenrollee(s) and the process completes, at step 385.

If, however, the biometric enrolling device is not to be mailed or handdelivered at step 295, then at step 315, the biometric enrolling deviceconnects to the service institution's computer and databases. At step320, the biometric enrolling device communicates the biometricinformation to the service institution where the service institutionprocesses the biometric information (e.g., steps 310, 312 and 385). Atstep 325, a check is made if enrollment is completed. If so, then, atstep 335, the biometric enrolling device may disable itself (and mayerase itself) and, at step 355, the enrollee returns the biometricenrolling device (or optionally discards the device).

If, however, the enrollment is ongoing, or the biometric enrollingdevice is to be used as an authenticator for service requests ortransactions, then at step 330, the enrollee/user retains the biometricenrolling device. At step 345, an enrollee wishes to make a third partytransaction and may use the biometric enrolling device to authenticateidentity of the third party. At step 350, the transaction third partyrequests authentication from the biometric enrolling device. At step355, the biometric enrolling device verifies the third party as a validthird party authorized for the type of transaction being requested. Thismay be performed by validating a key.

For an authorized third party, at step 360, the biometric enrollingdevice prompts the enrollee/user for a stored biometric. At step 365,the biometric enrolling device verifies the stored biometric with thescanned new biometric from the enrollee/user. At step 370, the biometricenrolling device signs the third party's request (e.g., using a key)denoting that the biometric is verified and also informs theenrollee/user of the verification of the third party. A non-verifiedbiometric results in a non-signed request. At step 380, the third partypermits the transaction to proceed. The transaction may involvepurchases, a use of a service, boarding an aircraft, or any transactionor access where authentication of an individual is desired. At step 385,the process ends.

The invention provides a flexible, secure process, for remotelyaccepting biometrics for subsequent authentication of the user. This maybe done efficiently without the need for the enrollee/users to travel toa central location and also avoids the need for trained specialists tomonitor the biometric enrollment process. The biometric enrolling deviceprovides a portable, secure and convenient process for enrollingindividuals into a biometric database and subsequent verification ofidentifications to control access to services, devices, and the like.

While the invention has been described in terms of embodiments, thoseskilled in the art will recognize that the invention can be practicedwith modifications and in the spirit and scope of the appended claims.

1. A method of providing a service for capturing biometric data,comprising the steps of: acquiring biometric data from one or morebiometric sensors; authenticating the enrollee associated with thebiometric data; and enrolling the authenticated enrollee associated withthe biometric data, wherein at least one of the acquiring occursremotely from a service provider and the enrolling occurs at a differenttime from the acquiring.
 2. The method of claim 1, further comprisingthe steps of: delivering the biometric data associated with the enrolleeto a service provider; and authenticating at the service provider thatall delivered data has been captured according to an accreditedprocedure.
 3. The method of claim 1, further comprising the step ofcommunicating the biometric data to an external device using one of awired or wireless communications port to communicate the biometric datato the external device.
 4. The method of claim 1, wherein at least oneof the one or more biometric sensors is at least one of a fingerprintsensor, a skin reflectivity sensor, a camera suitable for capture of afacial image, a microphone for acquiring voice data, and an eye scanner,and the one or more biometric sensors acquiring the biometric datasequentially or simultaneously when two or more biometric sensors arepresent.
 5. The method of claim 1, further including verifying thebiometric data according to pre-determined verification standards. 6.The method of claim 1, further comprising the step of time stamping thebiometric data.
 7. The method of claim 1, further comprising at leastone of encrypting and certifying the biometric data.
 8. The method ofclaim 1, further comprising the steps of: determining a quality measurefor the biometric data sensed by the one or more biometric sensors; andstoring one or more biometric records only when the biometric data is ofa quality sufficient to meet a predetermined threshold.
 9. The method ofclaim 1, further including providing feedback to cause a change in thebiometric data sensed by the one or more biometric sensors so that anincrease in the sensed quality of the biometric data occurs.
 10. Themethod of claim 1, further comprising the step of comparing twobiometric records and denying access when the compared two biometricsrecords are different.
 11. The method of claim 1, further comprising thesteps of: receiving at least one of a password, a secret data, and auser identification before sensing biometric data occurs; and verifyingone or more previously enrolled biometrics before allowing enrollment ofadditional biometric data.
 12. The method of claim 1, further comprisingthe steps of: creating one or more biometric records; encrypting the oneor more biometric records; and associating the one or more biometricrecords with the enrollee.
 13. A method of providing a service forcapturing biometric data, comprising the steps of: acquiring biometricdata from one or more biometric sensors; enrolling an enrolleeassociated with the biometric data, wherein the biometric data isverified for quality at the time of enrollment based on a pre-determinedthreshold; and delivering the biometric data associated with theenrollee to a service provider.
 14. The method of claim 13, wherein inthe acquiring step the one or more biometric sensors include at leastone of a fingerprint sensor, a skin reflectivity sensor, a camerasuitable for capture of a facial image, a microphone for acquiring voicedata, and an eye scanner.
 15. The method of claim 13, wherein theacquiring step acquires the biometric data simultaneously orsequentially when two or more biometric sensors are present.
 16. Themethod of claim 13, further comprising the steps of: authenticating anenrollee using at least one of a password, a user identification and apreviously stored biometric prior to the enrolling step and limitingaccess until the authenticating is successful; verifying the acquiredbiometric data meets pre-determined verification standards; encryptingthe biometric data producing encrypted biometric data; and generating atime stamp for recording when the enrolling occurs.
 17. The method ofclaim 13, further comprising the steps of: determining a quality measurefor the biometric data sensed by the one or more biometric sensors andthe biometric data is captured only when it is of a quality sufficientto meet a pre-determined threshold; providing a feedback to cause achange in the biometric data sensed by the one or more biometric sensorsso that an increase in the quality of the sensed biometric data occurs;and sending the biometric data to a service provider using at least oneof electronic communications, mail, and hand delivery.
 18. The method ofclaim 13, further comprising: receiving a third party request forauthenticating a transaction; prompting for a biometric to verify atransaction participant; verifying the biometric matches a storedbiometric associated with the transaction participant; and signing thethird party request with a private key associated with the third partyand sending the signed third party request to complete theauthenticating of the transaction.
 19. The method of claim 13, furthercomprising monitoring the acquiring step to determine if the biometricinput is being correctly presented for scanning according to apredetermined plan.
 20. A computer program product comprising a computerusable medium having readable program code embodied in the medium, thecomputer program product includes at least one component to: acquirebiometric data from one or more biometric sensors; enroll an enrolleeassociated with the biometric data, wherein the biometric data isverified for quality at the time of enrollment by comparing thebiometric data to a pre-determined threshold; and deliver the biometricdata associated with the enrollee to a service provider.